It’s a good question, and unfortunately for Android users, the answer to whether or not your older Android phone is a malware target is quite simply, “Yes.” It’s all about potentially harmful applications, or PHA. It’s the term Google created for Android malware. Google’s own recently-released research found that Android smartphones running on older OS like KitKat (4.x), Lollipop (5.x), or Marshmallow (6.x) are more likely to download a PHA that goes undetected.

The older OS allows more persistent PHAs that also resist removal to gain a stronghold. The research finds that older OS devices are 0.5% likely to have one or more PHAs. Newer Android OS versions like Nougat, Oreo and Pie are more resilient to PHA attacks, making it less likely they will infect a smartphone. Google finds only .25% of newer OS phones are vulnerable to PHAs, half as much as the older OS. The one thing Google relies on for their research is that users download apps directly from Google Play and not sideload apps from unknown sources.

Although Google has difficulty keeping PHAs from infiltrating its Play Store, it still claims there are tangible results and improvements due to a dedication to increasing security for Androids. Of course, all bets are off when users download PHAs from sources other than the Google Play Store. Android users with an older OS who sideload apps from sites other than Google are playing with fire. In fact, Google research finds “Android devices that only download apps from Google Play are 9 times less likely to get a PHA than devices that download apps from other sources.” That number alone should convince users not to sideload apps, no matter what Android OS they are using.

Google admits that in 2017 alone, over 700,000 apps were removed from Play Store because they violated policies about content, and others because they contained malware and engaged in phishing activities. That number of deleted apps was up 70% from 2016, which questions whether Google is getting better at finding PHAs, or the sheer number of PHAs has dramatically increased over time. Regardless of the answer in 2017, in 2018 Google claims they are getting much better at detecting PHAs. Users with older Android OS now have no excuse not to download apps from the Play Store. Even for those with more recent OS, the answer is the same: Don’t sideload and download apps only from the Google Play Store. It’s the best bet to keep your apps legitimate and your smartphone safe.

Also remember that even if you don’t have an Android, it’s always a safer move to get your apps exclusively from the official app stores and never to sideload. Malware, phishing, and other cyber threats do not exclusively affect Android.

In 2017, Google announced there were more than 2 billion active Android mobile devices worldwide. In fact, research shows that on average, Android users touch their smartphone 2,617 times per day. Crazy? Perhaps. But what happens when you reach out for your smartphone and it’s not there? Not having your Android smartphone, lost or stolen, can be a nightmare.

Those frantic moments spent retracing your steps don’t always pay off. With the cost of Android smartphones hitting the $1000 mark, those can be some very expensive steps at that. Along with the thought of having to shell out big bucks is the realization of just how much information may now be in the hands of a not-so-good doer. Helping take the sting out of that very real fear, there are now Android device-finding apps available for that most cringe-worthy of moments.

Accessing contacts, social media, bank accounts, photos, emails, texts, and more are an everyday expectation for your mobile pal. Stored passwords, account numbers, and other data you don’t want in the hands of someone else can all be up for grabs in a flash. Until now, unlike iPhone users who can use the “Find My iPhone” feature or block access to it remotely, Android smartphone users were left crossing their fingers, perhaps hoping for some kind of divine intervention.

Knowing your device is locked and your information is safe while you’re searching for it is also a big deal. Finally, apps are available for doing both. The apps use GPS to pinpoint your phone’s location on a map, allowing you to track it down. Another feature lets you lock the device and display you phone number. One app lets you remotely wipe all the data your smartphone holds. However, choosing that option also deletes the app itself, removing the only hope of finding your phone using GPS. That’s a decision only you can make.

With over 2 billion Android smartphones out there, you’re in good company wanting to keep tabs on your device. Knowing all is not necessarily lost should be motivation enough for Android owners to check out these apps, and maybe rest a little easier knowing help is just a touch away.

It’s time to stop and think about just how much information your Smartphone holds. Photos, all kinds of account numbers, passwords, texts, emails, and much more. It’s not just your personal PII (Personally Identifiable Information), it’s also all of your contacts, be it family, friends, or otherwise. You’d surely never, ever want all that data in the hands of a hacker. That single fact makes updating your Android phone the litmus test of how committed you are to keep that data secure as possible.

Precious few of us have security software on our smartphones, which makes OS updates one major key to keeping your PII safe. Updates almost always include the latest security patches and that’s often the easiest way to keep hackers at bay.

Android phones are currently #1 on the hacker hit list, and smartphone manufacturers are doing what they can to keep up with security. With Google being the most prolific smartphone producer, they take security updates very seriously. They offer the most frequent security patch updates on a monthly basis and urge their users to download them immediately. In addition, Google recently came out with a list of the most secure Android phones, which are the best at reliable and quick security updates occurring automatically. No longer will you have to keep putting off that annoying security update only to completely forget about it. If you’re in the market for a new phone, Google urges users to take a look at their list below and make your purchase with that knowledge in mind.

However, don’t panic if your phone isn’t on the list. It doesn’t mean it’s not secure, it simply means you need to be diligent about updating OS security patches. Google’s Android Enterprise website is the place to go for more information. The website states their goal is “…giving customers confidence to select, deploy and manage devices that meet elevated enterprise requirements… knowing they will receive regular security updates and at least one major operating system update, work with zero-touch enrollment, and be available unlocked.”

BlackBerry KeyOne

BlackBerry Motion

Google Pixel/Pixel XL

Google Pixel 2/Pixel 2 XL

Huawei Mate 10/Mate 10 Pro

Huawei MediaPad M5

Huawei P Smart

Huawei P10/P10 Plus/P10 Lite

Huawei P20/P20 Pro

LG G6

LG V30

Moto X4

Moto Z2 Force Edition

Moto Z3 Play

Moto G6/G6 Plus

New Nokia 6

Nokia 3.1

Nokia 5.1

Nokia 7 Plus

Nokia 8/8 Sirocco

Sharp Aquos Sense SH-01K

Sonim XP8

Sony Xperia XA2/XA2 Ultra

Sony Xperia XZ Premium

Sony Xperia XZ1/XZ1 Compact

Sony Xperia XZ2/XZ2 Compact

One very important thing to remember: Currently, no phone is invulnerable to hacking attempts. However, a few moments of update inconvenience can save you countless hours trying to restore your identity and everything that goes with it.

Android Users Targeted With Malware In App Found In The Google Play Store

Published September 2, 2018

Android users are targets again with a new piece of malware that can really intrude upon the users’ lives. It was found in the official Google Play Store and users who downloaded an app called “Sex Game” are the ones (but not the only ones) who need to be really worried. This app was available in the Google Play Store in 2016, so sadly, those who did download it have been spied upon for quite some time.

The malware is called Triout and was discovered by some cybersecurity folks at Bitdefender. Triout can gather records of every call, steal SMS/text logs, photos and videos on the device, and even capture GPS coordinates. Once these things are retrieved, they are sent to the command-and-control server controlled by the attacker(s).

While all of this is bad enough, some experts believe this is merely a precursor to something more nefarious such as very targeted espionage and/or blackmail campaigns.

Of course, it’s unlikely many of you actually downloaded this particular app. However, it demonstrates that malware-ridden apps can even make it into the official app stores. While this is the case, it is still much better to get your apps that way than by sideloading, or getting them from third-party sites.

Remember to always do some research before downloading any app too. Check the ratings and if there aren’t many and/or those are all glowing, it may be an indication of a fake or malicious app. Consider waiting until more reviews come in or just skipping that one. The one thing that you can usually count on with reviews is that if something has malware in it, the reviewers will say so.

This particular app has since been removed from the Google Play Store, but it’s not likely the only one there. Use caution when downloading anything onto your mobile devices and make sure they have updated anti-virus software on them too.

The results are in from the Nokia 2017 Threat Intelligence Report and Android users are not going to be happy. The report is based on results from Nokia’s NetGuard, monitoring network traffic on over 100 million devices around the world. The report finds that Android malware has increased more than 53% since the company’s findings last year. Android mobile devices account for 68% of all malware attacks. Despite efforts by Google to reduce malware attacks with Google Play Protect, the report finds sideloading apps from other third-party app stores is largely to blame for the troubling results.

Compared to Android, Windows and iOS devices are inherently safer. So, what’s the difference? One big reason is that Apple runs on a proprietary system, controlled solely by Apple and only on the company’s devices. Windows OS is used much less than Android and Apple for mobile. However, Microsoft seriously fortifies its security systems. A new feature called Device Guard allows only trusted applications to run on the device. Risky sideloaded apps and other third-party software are prevented from running.

But don’t despair! There are precautions Android and all users can take to minimize malware risks.

Never sideload or use third-party apps and other sources. Google’s questionable policy of allowing third-party stores to run on their OS is a haven for cybercriminals worldwide. Saving a few bucks by downloading third-party software doesn’t balance out the serious malware risks. Remember that even apps that cost money, don’t guarantee they are free of malware.

Use extreme caution with Bluetooth and Wi-Fi. Malware can spread directly from one device to another using these technologies if device owners ignore the risks. Not long ago, serious flaws were found in both Bluetooth and Wireless technologies that are device and operating system independent. They have not been fixed on every system, so turning those options off when not in use is recommended for the time being.

Always maintain the latest updates for your OS. Important security measures are included with the updates. Also, download the latest security patches between OS updates, with one exception. The recent Spectre and Meltdown issues have created a situation where you should check with the device or product manufacturer before downloading the patches that address those issues.

Choose your devices wisely. Users need to weigh cost factors vs. peace of mind knowing the options and what manufacturers are doing to make their devices less vulnerable.

If you haven’t heard of Google’s new product for helping to protect Android users, it’s called Google Play Protect. And it now has identified malware, called Tizi, that has infected targets across the world. It is spyware and gets to your Android device through an app advertised on social media and third-party app stores. Once it’s installed, it will gladly grab your personal data from apps such as Facebook, Twitter, WhatsApp, Linked, Skype, and others.

It also exploits several vulnerabilities from several years ago. So, make sure you take some time to update your devices and apps so that they are not open to this exploit.

It can also do a whole host of other tasks that won’t make users happy:

Record audio and take photos without the user knowing what’s happening.

Always check the permissions for any app that you install. If it’s a flashlight app, for example, it doesn’t need access to your camera or microphone. And it is a very rare case indeed that an app needs administrator access to any device. If this is granted, whoever is controlling the malware can have full access to do whatever he or she want on the device.

Make sure Google Play Protect is enabled on Android devices. It began rolling out to users running Play Services 11 and above back in July. It should be available to nearly all versions that are supported by now.

Don’t sideload applications from third-party sites. Stick to the official Google Play store.

Ensure security software is installed on your devices and keep it updated at all times.

Google has so far found 1,300 devices infected by Tizi.

We use cookies to give you a more relevant browsing experience and improve our website. Using this site means that you agree with our use of cookies policy.

Chances are pretty good that you have heard the term business email compromise or BEC by now. It is a type of wire transfer fraud that the FBI has deemed one of the most prevalent types of scam going around these days. In 2017, there were over 15,690 complaints that resulted in total adjusted losses of more than $675 million. That is an 87% increase over 2016 and it is expected to continue to rise. The Identity Theft Resource Center (ITRC) reported that of the fraud related complaints reported in 2017, the most common type was wire transfer fraud.

Chances are pretty good that you have heard the term business email compromise or BEC by now. It is a type of wire transfer fraud that the FBI has deemed one of the most prevalent types of scam going around these days. In 2017, there were over 15,690 complaints that resulted in total adjusted losses of more than $675 million. That is an 87% increase over 2016 and it is expected to continue to rise. The Identity Theft Resource Center (ITRC) reported that of the fraud related complaints reported in 2017, the most common type was wire transfer fraud.

This Privacy Policy applies to and is provided on behalf of Stickley on Security. (collectively referred to as "We", "Us", or "Our") and describes Our information gathering
practices and policies in connection with this Site. We value your ("User", "You", or "Your") privacy and recognize the sensitivity of Your personal information. We are
committed to protecting Your personal information and using it only as appropriate to provide You with the best possible service, products, and opportunities. Use of this
Site constitutes consent to Our collection and use of personal data as outlined herein.

COLLECTION AND USE OF PERSONAL INFORMATION FROM SITE USERS

We collect personally identifiable information from Users who provide it to us for billing purposes. For example, We collect Your name, street address, city, state, zip
code, telephone number, email address, and financial information, such as a credit card number, if You use the Site to register or renew a license. We may use this
information to contact You regarding the status of Your account and orders placed, and to alert You to new information, products and services, events and other
opportunities. We recognize that You may wish to limit the ways in which You are contacted and provide You with opt-out options below. Information about Our experiences and
transactions with you, such as your payment history, types of services and/or products you purchased are not shared with organizations outside of Stickley on Security.

We will not disclose to third parties (that is, people and companies that are not affiliated with Us) individually identifying information, such as names, postal and e-mail
addresses, telephone numbers, and other personal information, except to the extent that it is necessary to process and provide You with Your order, license request or
other request. Your contact information may also be provided to the extent necessary to comply with applicable laws or legal processes (e.g., subpoenas), or to meet contractual obligations outlined in this policy, or to protect Our
rights or property. We will cooperate with all law enforcement authorities.

If Your order, license request or other request is processed by a third-party, or if You are provided with bulletin boards and chat rooms and/or email capabilities on
this Site, please note that in the event that You voluntarily disclose personally identifiable information in those instances, that information, along with any substantive
information disclosed in Your communication or post, can be collected, correlated and used by third parties. This may result in unsolicited messages from third parties. Such
activities are beyond Our control, and We encourage You to check the applicable privacy policy of such party when providing personally identifiable information.

For each visitor to this Site, Our server can detect and collect certain information, including the User's domain name and e-mail address, and can identify the Web pages the
User visited or accessed. We may use this information in order to measure interest in and use of the various areas of the site.

We do not knowingly solicit information from children and We do not knowingly market the Site or its services to children.

OPT-OUT

You may at any time opt out of having Your personal information used by Us to send You promotional correspondence by contacting Us via e-mail provided in the "Contact Us"
section below.

PROMOTION CODES

"Promotion codes" are offered by third-party affiliates of the Stickley on Security Training Videos. If you choose to include a "Promotion Code" when placing your order, the affiliate who is associated with that promotional code will receive your organizations name. They will NOT however receive any other information related to your account. The sharing of the organization name only applies when a "Promotion Code" is included during the order process.

USE OF COOKIES

1. First-party cookies
User input cookies to keep track of the user's input when filling online forms, shopping carts, etc., for the duration of a session, or persistent cookies limited to the duration of an operation such as purchase or trial;
User identification persistent cookies, to identify the user visited the website for the first time;
Authentication cookies, to identify the user once he has logged in, for the duration of a session;
user interface customization cookies such as time zone and shopping cart status info, for the duration of a session (or slightly longer).

2. Third-party cookies
social plug in content sharing cookies, for logged in members of a social network;
Google Analytics cookies to generate statistical data on how the visitor uses the website.

How do we use them?
Where strictly necessary. These cookies and other technologies are essential in order to enable the Services to provide the feature you have requested, such as remembering you have logged in.

For functionality. These cookies and similar technologies remember choices you make such as time zone and shopping cart info. We use these cookies to provide you with an experience more appropriate with your selections and to make your use of the Services more tailored.

For performance and analytics. These cookies and similar technologies collect information on how users interact with the Services and enable us to improve how the Services operate. For example, we use Google Analytics cookies to help us understand how visitors arrive at and browse our products, services and website to identify areas for improvement such as navigation, user experience, and marketing campaigns.

Social media cookies. These cookies are used when you share information using a social media sharing button or .like. button on our websites or you link your account or engage with our content on or through a social media site. The social network will record that you have done this. This information may be linked to targeting/advertising activities.

How can you opt-out?
To opt-out of our use of cookies, you can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from websites you visit. If you do not accept cookies, however, you may not be able to use our Services.

Updates to this Cookie Policy
This Cookie Policy may be updated from time to time. If we make any changes, we will notify you by revising the "effective starting" date at the top of this notice.

INFORMATION SECURITY AND CONFIDENTIALITY

We maintain physical, electronic and procedural safeguards to prevent the unauthorized release of or access to Your personal information. When We transfer and receive
certain types of sensitive information such as financial information, We redirect visitors to a secure server. We do not store or reuse Your credit card information. We do
not record or manager financial information about You (including credit card and other payment information). However, such precautions do not guarantee that this Site is
invulnerable to all security breaks. We make no warranty, guarantee, or representation that the use of this Site is protected from viruses, security threats, or other
vulnerabilities and that Your information will always be secure. We cannot guarantee the confidentiality of any communication or material transmitted to/from Us via the Site
or e-mail. Use of the Internet is solely at Your own risk and is subject to all applicable local, state, federal, and international laws and regulations.

THIRD PARTY PROCESSING

Stickley on Security uses the vendor Authorize.net to process all payment transactions. When making a purchase on this site, You also accept the Terms and Conditions and
Privacy Policy of Authorize.net.

CONTACT US

This Privacy Policy may be updated periodically and posted on this Site. It applies only to Our online practices and does not encompass other areas of the organization. We
reserve the right to change this Policy at any time by posting revisions. By accessing or using the Site, You agree to be bound by all of the Terms of this Privacy Policy as
posted at the time of Your access or use. We reserve the right to contact Users of the Site regarding changes to the Terms and Conditions generally, this Privacy Policy
specifically, or any other policies or agreements relevant to the Site's Users. If You have any questions about this Policy, You may email to:

Keep up with the latest cyber security news through our weekly Fraud News & Alerts updates.
Each week you will receive an email containing the latest cyber security news, tips and breach notifications.

Simply complete the form below and you're all set.

You're all set!

You will receive your first official security update email within the next week.
A welcome email has also just been sent to you. If you do not receive this email within the next few minutes, please check your Junk box or spam filter to confirm our emails are not being blocked.